'Facebook Security' Phishing Emails Target Facebook Page Owners to Steal Login Details

Facebook is like a perpetual phishing ground for hackers and cybercrooks. Now that Facebook has over a billion users, it is open phishing season for the cybercrook phishers who have set out to send bogus Facebook Security emails to those who operate and own a Facebook fan page.

According to Hoax-Slayer, there are phishing emails circulating on Facebook directed towards owners of Facebook pages. These phishing emails are ones that claim to come from Facebook Security asking the user to enter into a Fan Page Verification Program. The message contains a link that will display a page asking for Facebook login details. Once the login credentials are entered, because it is a Phishing page, they are stolen and sent to the hackers behind this mischievous scam.

In this newfound scam, the crooks are seeking login details of Facebook page owners. Armed with such details the cybercrooks may be able to spread their 'malicious link-love' to all of the followers of specific compromised Facebook fan pages.

As shown in Figure 1 below, an actual screen shot of the phishing 'Fan Page Verification Program' login screen, hackers are able to compromise Facebook user login details. Moreover, to make the 'verification page' more enticing, the user is asked to choose a 10-digit number that will supposedly become the user's 'Transferring Code'. After entering this information and choosing their transferring code, the user is promised a confirmation email within 24 hours. Of course, you shouldn't hold your breath waiting for this so-called confirmation email. After-all, this is a scam that will continue to be a constant reminder as to be cautious of where you enter login details for any online account, including the social haven Facebook.

Figure 1. Facebook Fan Page Verification page phishing scam login screen - Source: hoax-slayer.com

This scheme, among others, is just another notch in the endless belt of endless scams circulating on Facebook. We can only ask that users be aware of how scams like this operate and to be proactive in protecting their system from malicious infections that may come out of similar schemes.